Paul's Security Weekly (Audio)

Scanning The Internet with Linux Tools - PSW #919

Mar 26, 2026
A tour of internet-scale scanning tools for network edge devices. They compare passive queries with active fast scans and banner grabs. Service fingerprinting, template vulnerability checks, and AI-powered whitebox testing get covered. The conversation also covers orchestration pipelines, firmware analysis, certificate inventorying, and operationalizing regular edge scans.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ADVICE

Unpack Firmware And Feed It To AI For Bounty Hunting

  • For firmware targets, unpack firmware (binwalk/unblob) and feed code plus live target to an AI to find issues faster.
  • Paul and Josh run unblob/binwalk in a container and use Claude to search firmware + source for vulnerabilities.
ADVICE

Use The Pipeline Internally And Create Tickets

  • Run these scans internally and create tickets to fix findings instead of relying solely on external bug bounties.
  • Paul recommended spinning the pipeline inside your org and using automated ticketing for discovered vulns.
ADVICE

Use Shodan Queries To Find Weak TLS And Expired Certs

  • Use Shodan queries to search specific netblocks and look for expired certs, weak TLS, or known vulnerable services.
  • Paul showed Shodan can filter by vendor, vuln presence, or certificate metadata to spot weak TLS or expired certs.
Get the Snipd Podcast app to discover more snips from this episode
Get the app